Latest CVE Feed
-
5.4
MEDIUM- Published: Feb. 07, 2020
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2013-3629
ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution... Read more
Affected Products : ispconfig- Published: Feb. 07, 2020
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2013-3628
Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability... Read more
Affected Products : zabbix- Published: Feb. 07, 2020
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2013-3620
Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312.... Read more
- Published: Jan. 02, 2020
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2013-3619
Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_317 and firmware for Supermicro X8 generation motherboards before SMT X8 312 contain harcoded private encryption keys for the (1) Lightt... Read more
- Published: Jan. 02, 2020
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2013-3591
vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability... Read more
Affected Products : vtiger_crm- Published: Feb. 07, 2020
- Modified: Nov. 21, 2024
-
5.9
MEDIUMCVE-2013-3587
The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing ... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager big-ip_edge_gateway big-ip_webaccelerator +4 more products- Published: Feb. 21, 2020
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2013-3568
Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.... Read more
- Published: Feb. 06, 2020
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2013-3565
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to r... Read more
- Published: Jan. 31, 2020
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2013-3564
The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating.... Read more
Affected Products : vlc_media_player- Published: Feb. 06, 2020
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2013-3553
Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file.... Read more
- Published: Feb. 08, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2013-3552
Nitro Pro 7.5.0.29 and earlier and Nitro Reader 2.5.0.45 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file.... Read more
- Published: Feb. 08, 2018
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2013-3551
Kernel/Modules/AgentTicketPhone.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.20, 3.1.x before 3.1.16, and 3.2.x before 3.2.7, and OTRS ITSM 3.0.x before 3.0.8, 3.1.x before 3.1.9, and 3.2.x before 3.2.5 does not properly restrict tickets, whic... Read more
- Published: Feb. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2013-3542
Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!#/" with the same password, which makes it eas... Read more
Affected Products : gxv3501_firmware gxv3504_firmware gxv3601_firmware gxv3601hd_firmware gxv3601ll_firmware gxv3611hd_firmware gxv3611ll_firmware gxv3615w_firmware gxv3615p_firmware gxv3651fhd_firmware +16 more products- Published: Dec. 11, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2013-3517
Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L.... Read more
- Published: Nov. 13, 2019
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2013-3516
NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely on router's current date and time, which allows attackers to guess the CSRF tokens.... Read more
- Published: Nov. 13, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2013-3494
A Code Execution Vulnerability exists in UMPlayer 0.98 in wintab32.dll due to insufficient path restrictions when loading external libraries. which could let a malicious user execute arbitrary code.... Read more
Affected Products : umplayer- Published: Feb. 12, 2020
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2013-3493
XnView 2.03 has an integer overflow vulnerability... Read more
Affected Products : xnview- Published: Jan. 27, 2020
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2013-3492
XnView 2.03 has a stack-based buffer overflow vulnerability... Read more
Affected Products : xnview- Published: Jan. 27, 2020
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2013-3489
Buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0 allows remote attackers to execute arbitrary code via a crafted RealMedia .rm file... Read more
Affected Products : mpc-hc- Published: Jan. 31, 2020
- Modified: Nov. 21, 2024